package org.yiqixue.products;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.security.access.prepost.PreAuthorize;

@RestController
public class ProductsController {

    @GetMapping("/products")
    @PreAuthorize("hasRole('USER')")
    public String getProductDetails(@RequestParam String productId) {
        return "Product details for product ID: " + productId;
    }
}